<?php
/**
 * Extends SignInForm controller to add openID support
 *
 * @package Extensions
 * @version @@VERSION@@
 * @subpackage @@EXTENSIONNAME@@
 * @copyright Damien Lebrun 2007
 * @author Damien Lebrun
 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GPLv2
 */

if (!defined('IN_VANILLA')) exit();
include_once($Configuration['LIBRARY_PATH'] . 'People/People.Control.SignInForm.php');

/**
 * Extends ApplyForm to support openID
 *
 * @package Extensions
 * @subpackage @@EXTENSIONNAME@@
 */
class OpenID_SignInForm extends SignInForm {

	var $OpenIdUrl = '';

	function OpenID_SignInForm(&$Context, $FormName) {

		$this->Name = 'SignInForm';
		$this->ValidActions = array('SignIn', 'SignInWithOpenId');
		$this->Constructor($Context);

		if ($this->PostBackAction == '') $this->IsPostBack = 1;

		if ($this->IsPostBack) {
			$this->FormName = $FormName;
			$this->ReturnUrl = urldecode(ForceIncomingString('ReturnUrl', ''));
			if ($this->ReturnUrl != '') $this->PostBackParams->Add('ReturnUrl', $this->ReturnUrl);
			$this->OpenIdUrl = ForceIncomingString('OpenIdUrl', '');
			$this->Username = ForceIncomingString('Username', '');
			$this->Password = ForceIncomingString('Password', '');
			$this->RememberMe = ForceIncomingBool('RememberMe', 0);

			// Set up the page
			global $Banner, $Foot;
			$Banner->Properties['CssClass'] = 'SignIn';
			$Foot->CssClass = 'SignIn';
			$this->Context->PageTitle = $this->Context->GetDefinition('SignIn');

			if ($this->PostBackAction == 'SignIn') {

				$UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'UserManager');
				// Check for an already active session
				if ($this->Context->Session->UserID != 0) {
					$this->PostBackValidated = 1;
				} elseif(!empty($this->OpenIdUrl)) {
					$OpenIdManager =& new OpenID_OpenIdManager($this->Context);
					$ReturnUrl = GetUrl($this->Context->Configuration,
						$this->Context->SelfUrl, '', '', '', '',
						'PostBackAction=SignInWithOpenId');
					// Redirect
					$OpenIdManager->RequestAuth($this->OpenIdUrl, $ReturnUrl);
				} else {
					// Attempt to create a new session for the user
					if ($UserManager->ValidateUserCredentials($this->Username, $this->Password, $this->RememberMe)) {
						$this->PostBackValidated = 1;
						$this->_Redirect();
					}
				}
			}

			if ($this->PostBackAction == 'SignInWithOpenId') {
				$UserManager = new OpenID_UserManager($this->Context);
				if ($UserManager->ValidateOpenIdAuthentication()) {
					$this->PostBackValidated = 1;
					//$this->_Redirect();
				}
			}

			$this->Context->BodyAttributes = " onload=\"Focus('txtUsername');\"";
		}
	}

	function Render_ValidPostBack() {
		$this->CallDelegate('PreValidPostBackRender');
		include(OpenID_ThemeFilePath($this->Context->Configuration, 'openid_people_signin_form_validpostback.php'));
		$this->CallDelegate('PostValidPostBackRender');
	}

	function Render_NoPostBack() {
		$this->Username = FormatStringForDisplay($this->Username, 1);
		$this->PostBackParams->Add('PostBackAction', 'SignIn');
		$this->PostBackParams->Add('ReturnUrl', $this->ReturnUrl);

		$this->CallDelegate('PreNoPostBackRender');
		include(OpenID_ThemeFilePath($this->Context->Configuration, 'openid_people_signin_form_nopostback.php'));
		$this->CallDelegate('PostNoPostBackRender');
	}

	// Because this form switches the user from having no session to having a session,
	// I need to override the default render method of the PostBackForm control so
	// that it doesn't check for a PostBackKey
	function Render() {
		if ($this->IsPostBack) {
			$this->CallDelegate('PreRender');
			// Call different render methods based on the PostBack state.
			if ($this->PostBackValidated) {
				$this->Render_ValidPostBack();
			} else {
				$this->Render_NoPostBack();
			}
			$this->CallDelegate('PostRender');
		}
	}

	function _Redirect() {
		$UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'UserManager');
		//Automatically redirect if this user isn't a user administrator or there aren't any new applicants
		$AutoRedirect = 1;
		if ($this->Context->Session->User->Permission('PERMISSION_APPROVE_APPLICANTS')) {
			$this->ApplicantCount = $UserManager->GetApplicantCount();
			if ($this->ApplicantCount > 0) $AutoRedirect = 0;
		}
		if ($this->ReturnUrl == '') {
			$this->ReturnUrl = $this->Context->Configuration['FORWARD_VALIDATED_USER_URL'];
		} else {
			$this->ReturnUrl = str_replace('&amp;', '&', $this->ReturnUrl);
		}
 		if ($AutoRedirect && $this->ReturnUrl != '') {
			//@todo: Should the the process die here?
 			Redirect($this->ReturnUrl, '302', '', 0);
		}
	}
}
